HP VPN Firewall Appliances Access Control Configuration Guide
167
Task Command
Remarks
Display TCP spoofing statistics.
display portal tcp-cheat statistics [ | { begin |
exclude | include } regular-expression ]
Available in any
view.
Display information about portal
users on a specific interface or all
interfaces.
display portal user { all | interface interface-type
interface-number } [ | { begin | exclude |
include } regular-expression ]
Available in any
view.
Clear portal connection statistics
on a specific interface or all
interfaces.
reset portal connection statistics {all | interface
interface-type interface-number }
Available in user
view.
Clear portal server statistics on a
specific interface or all interfaces.
reset portal server statistics { all | interface
interface-type interface-number }
Available in user
view.
Clear TCP spoofing statistics.
reset portal tcp-cheat statistics
Available in user
view.
Portal configuration examples
Configuring direct portal authentication
Network requirements
As shown in Figure 121, the host is assigned with a public network IP address either manually or through
DHCP.
Configure the firewall to perform direct portal authentication for users on the host. Before a user passes
portal authentication, the user can access only the portal server. After passing portal authentication, the
user can access Internet resources.
Use a RADIUS server as the authentication, authorization, and accounting server.
Figure 121 Network diagram
Configuration prerequisites
Configure IP addresses for the host, firewall, and servers as shown in Figure 121 and make sure that they
can reach each other.
Configure the RADIUS server correctly to provide authentication and accounting functions for users.
FirewallHost
2.2.2.2/24
Gateway : 2.2.2.1/24
GE0/2
2.2.2.1/24
GE0/1
192.168.0.100/24
Portal server
192.168.0.111/24
RADIUS server
192.168.0.112/24